The former CBS correspondent says the current DOJ is “stonewalling” her.

Paula Bolyard reports: Former CBS correspondent Sharyl Attkisson accused the Department of Justice (DOJ) of monkeying around with her hard drive while her computer was in their possession. She tweeted on Thursday, “What would you think if I told you the hard drive of one of my personal computers was secretly switched out w/another while in custody of the Justice Dept. Inspector General– before they gave it back to me?”

Re: My govt. computer intrusions…What would you think if I told you the hard drive of one of my personal computers was secretly switched out w/another while in custody of the Justice Dept. Inspector General– before they gave it back to me? (Tick-tock.) #GettingCloserToAnswers

You may recall that Attkisson’s computer was hacked back in 2012 while she was working for CBS and reporting on the Benghazi scandal. CBS News spokeswoman Sonya McNair said at the time that a cybersecurity firm hired by CBS News “has determined through forensic analysis” that “Attkisson’s computer was accessed by an unauthorized, external, unknown party on multiple occasions in late 2012.”

“Evidence suggests this party performed all access remotely using Attkisson’s accounts,” McNair said. “While no malicious code was found, forensic analysis revealed an intruder had executed commands that appeared to involve search and exfiltration of data.

This party also used sophisticated methods to remove all possible indications of unauthorized activity, and alter system times to cause further confusion. CBS News is taking steps to identify the responsible party and their method of access.” Read the rest of this entry »

“The unclassified report is not particularly impressive. It basically confirms what those who had been paying attention already know. It may serve to limit Trump for purposes of plausible deniability. But this is a highly risk-averse document that shows deference to the protection of sources and methods over informing the American people. That’s a shame, as certainly more detail could have been safely provided.”

— Susan Hennessey, former NSA official, to The Daily Beast, in an email

“There was absolutely no effect on the outcome of the election including the fact that there was no tampering whatsoever with voting machines,” President-elect Trump said in a statement right after he met with Director of National Intelligence James Clapper, CIA Director John Brennan, FBI Director Jim Comey, and NSA chief Adm. Michael Rogers.

“Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the U.S. presidential election [and with]… a clear preference for President-elect Trump,” the intelligence chiefs announced through an unclassified report released after the meeting that sounded like it was coming from an alternate universe.

The night-and-day report and reaction hint at either a difficult relationship to come between the president and America’s spies, or a cagey response by a future commander in chief who is only beginning to realize how the chess masters in the Kremlin play the game of geopolitics.

The unclassified report is unlikely to convince a single skeptic, as it offers none of the evidence intelligence officials say they have to back it up—none of those emails or transcripts of phone calls showing a clear connection between the Russian government and the political intrusions. The reason—revealing how U.S. spies know what they know could endanger U.S. spy operations.

“There was absolutely no effect on the outcome of the election including the fact that there was no tampering whatsoever with voting machines.”

And it contains some out-dated information that seems slapdash considering the attention focused on it. Errors in the report were almost inevitable, because of the haste in which it was prepared, said one U.S. official briefed on the report. The report comes in three levels—unclassified, classified and then one so top secret that only a handful of intelligence professionals was able to view the whole thing. That most classified report is the one that went to President Barack Obama, and to Trump. The merely classified version will be briefed to lawmakers in the coming days. The classification issues alone meant it was “hard to transmit around” to be fact-checked, the official said, speaking on condition of anonymity because he was not authorized to discuss the matter publicly.

“The unclassified report is not particularly impressive,” Susan Hennessey, a former NSA official, told The Daily Beast in an email. “It basically confirms what those who had been paying attention already know. It may serve to limit Trump for purposes of plausible deniability. But this is a highly risk-averse document that shows deference to the protection of sources and methods over informing the American people. That’s a shame, as certainly more detail could have been safely provided.”

That lack of specificity makes it easier for Trump to stay in the “see no, hear no, speak no evil” column. His post-spy-summit statement seemed to cherry-pick the intelligence, only mentioning parts of the briefing that confirmed his belief that election vote tallies were not tampered with, rather than the part that described how the Democratic National Committee and key Hillary Clinton campaign officials were hacked, and their emails released to devastating result.

Then again, maybe the scales did fall from his eyes behind those closed doors, and he did believe the “forensic evidence” the spies had gathered, as described by current and former U.S. intelligence officials, including emails between Russian officials celebrating the results of the election, and intercepted conversations showing they’d hoped to sow discord and doubt, whoever got elected.

Perhaps the president-elect just got a crash course in “Moscow Rules,” and is beginning to understand the world-class hacking machine at Russian President Vladimir Putin’s disposal. The rules, established for U.S. spies working in Moscow during the Cold War, include: Don’t harass the opposition; lull them into a sense of complacency; and pick the time and place for action.

Officials travelling with Mrs May have been issued with temporary mobile phones and email addresses in an attempt to evade Chinese state hackers.

Security advisers are also warning staff not to keep gifts they receive and to be particularly wary of electronic devices, such as free computer memory sticks, mobile phone SIM cards or chargers which they are offered by their Chinese hosts.

One Whitehall source said security chiefs had warned them that hotel rooms used during the summit were likely to be bugged. “We have been told that if you feel uncomfortable about people seeing you naked, you should get changed under your bedclothes,” the source said.

British security agencies regard China as one of the most aggressive nations when it comes to launching cyber-attacks against western governments and businesses, as well as posing a major espionage threat to the UK.

Chinese technological expertise has prompted security concerns at the highest levels of government and British intelligence.

There are fears that Chinese intelligence agents will use their capability to intercept emails and phone calls and to install spy software on computers during the summit.

However, one of the gravest threats posed by foreign spies is also one of the oldest: the honey trap.

During Mr Brown’s visit to China in 2008, one of the No 10 officials accompanying the then Prime Minister reportedly fell prey to a “beautiful” female Chinese spy. She went back to his hotel room, drugged him, stole his mobile phone and documents from his briefcase.

The incident was described by Mr Brown’s former spin doctor, Damien McBride, in his 2013 memoir, Power Trip.

The No 10 team was “accosted on one side by a beautiful posse of Chinese girls and on the other side by an equivalent group of Russian blondes”, Mr McBride said.

He wrote:

Even before our resident security expert could warn us that their interest was not to be taken at face value, we looked up and saw one of our number disappearing up the stairs to the exit with one of the girls, beaming back at us.

He woke up the following morning “minus his Blackberry and half the contents of his briefcase”.

The official also had a “‘very bad headache, owning to the Mickey Finn nightcap his overnight companion had administered to him in his hotel room”.

‘Be Afraid, America. Be Very Afraid’

…I’m talking about seizing control of industrial control systems. These ubiquitous hidden computers have gradually and quietly been put in charge of all manner of critical infrastructure—including nuclear power plants, the grid, water and gas pipelines, refineries, air traffic control, trains, factories, you name it.

Unlike the computers we use in our daily lives, these computers are largely invisible. They don’t have screens or keyboards. Most people aren’t aware that they exist. And yet they are embedded in low-level processes. They are everywhere because they create tremendous efficiencies and cost savings, and because they exist almost as an afterthought, they are often completely insecure. They often don’t run anti-virus software and by and large no one bothers to scan them to see if they might be infected with malicious software. And guess what? They often are connected to the Internet where a clever hacker half a world away can get access to them!

The threat is not hypothetical. There have been almost 750 control system cyber events (including both malicious and unintentional incidents). They’ve had a global impact. Industries have included power companies, pipelines, dams, planes, and trains. Why hasn’t the public heard about them? Most often because the victims didn’t realize it since they didn’t have the right forensics….(read more)

T-Mobile has confirmed this evening that as many as 15 million of its customers have been affected by a data breach. As the company is quick to point out, however, the breach did not occur on its servers, but rather its credit partner’s, Experian.

While Experian and T-Mobile both confirm that no credit card or banking information was compromised in the breach, a variety of other sensitive information was. Customer names, addresses, birthdates, Social Security numbers, and ID numbers were all leaked as part of the attack.

The attack affects approximately 15 million people who required a credit check when signing up for device financing through T-Mobile. Perhaps most notably, however, the vulnerability was open for more than two years, from September 1, 2013 though September 16, 2015.

T-Mobile says that it is offering two years of free credit monitoring to anyone who fears they could have been affected by the breach. T-Mobile CEO John Legere wrote in an open letter on the carrier’s website that he is “incredibly angry about this data breach” and that T-Mobile will be reevaluating its relationship with Experian.

I’ve always said that part of being the Un-carrier means telling it like it is. Whether it’s good news or bad, I’m going to be direct, transparent and honest.We have been notified by Experian, a vendor that processes our credit applications, that they have experienced a data breach. The investigation is ongoing, but what we know right now is that the hacker acquired the records of approximately 15 million people, including new applicants requiring a credit check for service or device financing from September 1, 2013 through September 16, 2015. These records include information such as name, address and birthdate as well as encrypted fields with Social Security number and ID number (such as driver’s license or passport number), and additional information used in T-Mobile’s own credit assessment. Experian has determined that this encryption may have been compromised. We are working with Experian to take protective steps for all of these consumers as quickly as possible. Read the rest of this entry »

The SEC lawsuit named 17 individuals and 15 companies in the U.S. and abroad, in such places as Russia, France, Malta and Cyprus. Danny Ocean could not be reached for comment.

NEWARK, N.J. (AP) — In late October 2013, Panera Bread Co., the national chain of restaurants that specializes in healthy soups and baked goods, prepared a news release to announce it was adjusting its earnings expectations downward for the recently begun fourth quarter.

“The international hacking scheme allegedly raked in $100 million between 2010 and 2015. It is being called the biggest case of its kind ever prosecuted, and one that demonstrated yet another way in which the financial world is vulnerable to cybercrime.”

“The defendants then used roughly 800 of those news releases to make trades before the information came out, exploiting a time gap ranging from hours to three days.”

This one was different, though. As an unsuspecting investing public awaited the announcement, federal authorities say a group comprising computer hackers and stock traders already had seen the release in the computer system of Marketwired, the Toronto business newswire.

“Authorities said that beginning in 2010 and continuing as recently as May, they gained access to more than 150,000 press releases that were about to be issued by Marketwired; PR Newswire in New York; and Business Wire of San Francisco. The press releases contained earnings figures and other corporate information.”

Using the crucial information in the release, the group allegedly made $17 million worth of trades and orders betting Panera’s stock would lose value once the news went public. They were correct, and for their efforts walked away with nearly $1 million in profit, according to a criminal indictment unsealed Tuesday against nine people in the U.S. and Ukraine.

“It is being called the biggest case of its kind ever prosecuted, and one that demonstrated yet another way in which the financial world is vulnerable to cybercrime.”

The international hacking scheme allegedly raked in $100 million between 2010 and 2015. It is being called the biggest case of its kind ever prosecuted, and one that demonstrated yet another way in which the financial world is vulnerable to cybercrime.

“Perhaps even more alarming was the assertion by prosecutors that much of the group’s ability to illegally tap into the news services’ computer systems came via ‘phishing,’ a well-known practice in which hackers send an email with a seemingly innocuous link that, if clicked on, can eventually lead to the divulging of the user’s login and password information.”

The Securities and Exchange Commission also brought civil charges against the nine plus 23 other people and companies in the U.S. and Europe.

“Every employee of every company has to be vigilant about the emails they get from people who look like their friends or acquaintances, urging them to click on a link. They should say to themselves every time that happens,`That seems like a really bad idea.'”

— Paul Fishman, U.S. attorney for New Jersey

The case “illustrates the risks posed for our global markets by today’s sophisticated hackers,” SEC chief Mary Jo White said. “Today’s international case is unprecedented in terms of the scope of the hacking at issue, the number of traders involved, the number of securities unlawfully traded and the amount of profits generated.”

“The nine people indicted include two people described as Ukrainian computer hackers and six stock traders. Prosecutors said the defendants made $30 million from their part of the scheme.”

Authorities said that beginning in 2010 and continuing as recently as May, they gained access to more than 150,000 press releases that were about to be issued by Marketwired; PR Newswire in New York; and Business Wire of San Francisco. The press releases contained earnings figures and other corporate information.

“Today’s international case is unprecedented in terms of the scope of the hacking at issue, the number of traders involved, the number of securities unlawfully traded and the amount of profits generated.”

The defendants then used roughly 800 of those news releases to make trades before the information came out, exploiting a time gap ranging from hours to three days, prosecutors said. Read the rest of this entry »

The email grab — first codenamed ‘Dancing Panda’ by U.S. officials, and then ‘Legion Amethyst’ — was detected in April 2010, according to a top secret NSA briefing from 2014. The intrusion into personal emails was still active at the time of the briefing and, according to the senior official, is still going on.

Robert Windrem reports: China’s cyber spies have accessed the private emails of “many” top Obama administration officials, according to a senior U.S. intelligence official and a top secret document obtained by NBC News, and have been doing so since at least April 2010.

The email grab — first codenamed “Dancing Panda” by U.S. officials, and then “Legion Amethyst” — was detected in April 2010, according to a top secret NSA briefing from 2014. The intrusion into personal emails was still active at the time of the briefing and, according to the senior official, is still going on.

In 2011, Google disclosed that the private gmail accounts of some U.S. officials had been compromised, but the briefing shows that private email accounts from other providers were compromised as well.

An NSA slide shows the organization of the Chinese government’s hacking units, with separate operations run by the Chinese military and by state security. NBC News

The government email accounts assigned to the officials, however, were not hacked because they are more secure, says the senior U.S. intelligence official.

The senior official says the private emails of “all top national security and trade officials” were targeted.

The Chinese also harvested the email address books of targeted officials, according to the document, reconstructing and then “exploiting the(ir) social networks” by sending malware to their friends and colleagues.

The time period overlaps with Hillary Clinton’s use of a private email account while Secretary of State from Jan. 21, 2009 to Feb. 1, 2013. The names and ranks of the officials whose emails were actually grabbed, however, were not disclosed in the NSA briefing nor by the intelligence official. Read the rest of this entry »

“We are no longer able to broadcast any of our channels. Our websites and social media sites are no longer under our control and are all displaying claims of responsibility by Islamic State.”

Paris (AFP) – French television network TV5Monde on Wednesday evening said it had been hacked by individuals claiming to belong to the Islamic State group, hijacking its TV channels, websites and Facebook page.

“We are no longer able to broadcast any of our channels. Our websites and social media sites are no longer under our control and are all displaying claims of responsibility by Islamic State,” the broadcaster’s director general Yves Bigot told AFP. Read the rest of this entry »

HONG KONG – Chinese hackers contacted John Boehner‘s office this week, offering their archived record of Hillary Clinton’s email database, in exchange for a guarantee of exclusive access to future leaks of celebrity nude images and videos, sources inside the capitol have confirmed. The Department of Homeland security, however, denies any knowledge of a deal being offered by the Chinese, and authorities in Beijing decline to comment. “This is either a rogue operation, or a prank”, said Eric Holder, when contacted for comment. “There’s no evidence the emails they claim to have are authentic.”

Other officials disagreed, conceding that military and non-military hackers inside Chinese have long held copies of every email written and received by cabinet officers in the U.S. “We know they keep records of our correspondence, probably even more complete ones than we do”, said one official. “There’s really not a lot we can do about it. We might as well benefit from it.” Boehner agreed, and suggested that negotiations with A-list actresses are already underway.

“I’d do my part, if it meant this scandal could be neutralized”, said actress Kirsten Dunst, “but only if other actresses do it, too, and only if the images don’t appear outside China.” A spokesperson for Jennifer Lawrence said that under certain conditions she might allow personal photographs to be shared among Chinese hackers, but declined to say what those conditions are. “Jennifer is a patriot,” her spokesperson said. “But she’s also a realist. She doesn’t necessarily trust the Chinese to honor non-disclosure agreements. Another actress, Kate Upton, declined to participate, “If they wanted picture of me, they’d have them by now. Everyone else does”, she said. Read the rest of this entry »

The highly unusual practice of a Cabinet-level official physically running her own email would have given Clinton, the presumptive Democratic presidential candidate, impressive control over limiting access to her message archives

WASHINGTON (AP) – Jack Gillum and Ted Bridis report: The computer server that transmitted and received Hillary Clinton’s emails – on a private account she used exclusively for official business when she was secretary of state – traced back to an Internet service registered to her family’s home in Chappaqua, New York, according to Internet records reviewed by The Associated Press.

“In November 2012, without explanation, Clinton’s private email account was reconfigured to use Google’s servers as a backup in case her own personal email server failed, according to Internet records. That is significant because Clinton publicly supported Google’s accusations in June 2011 that China’s government had tried to break into the Google mail accounts of senior U.S. government officials.”

The highly unusual practice of a Cabinet-level official physically running her own email would have given Clinton, the presumptive Democratic presidential candidate, impressive control over limiting access to her message archives. It also would distinguish Clinton’s secretive email practices as far more sophisticated than some politicians, including Mitt Romney and Sarah Palin, who were caught conducting official business using free email services operated by Microsoft Corp. and Yahoo Inc.

Most Internet users rely on professional outside companies, such as Google Inc. or their own employers, for the behind-the-scenes complexities of managing their email communications. Government employees generally use servers run by federal agencies where they work.

“The AP has waited more than a year under the open records law for the State Department to turn over some emails covering Clinton’s tenure as the nation’s top diplomat, although the agency has never suggested that it didn’t possess all her emails.”

In most cases, individuals who operate their own email servers are technical experts or users so concerned about issues of privacy and surveillance they take matters into their own hands. It was not immediately clear exactly where Clinton ran that computer system.

“Operating her own server would have afforded Clinton additional legal opportunities to block government or private subpoenas in criminal, administrative or civil cases because her lawyers could object in court before being forced to turn over any emails.”

Clinton has not described her motivation for using a private email account – hdr22@clintonemail.com, which traced back to her own private email server registered under an apparent pseudonym – for official State Department business.

Operating her own server would have afforded Clinton additional legal opportunities to block government or private subpoenas in criminal, administrative or civil cases because her lawyers could object in court before being forced to turn over any emails. And since the Secret Service was guarding Clinton’s home, an email server there would have been well protected from theft or a physical hacking.

“It was unclear whom Clinton hired to set up or maintain her private email server, which the AP traced to a mysterious identity, Eric Hoteham. That name does not appear in public records databases, campaign contribution records or Internet background searches.”

But homemade email servers are generally not as reliable, secure from hackers or protected from fires or floods as those in commercial data centers. Those professional facilities provide monitoring for viruses or hacking attempts, regulated temperatures, off-site backups, generators in case of power outages, fire-suppression systems and redundant communications lines.

Hillary email story about to metasticize..SHE RAN HER OWN SERVER. Looks VERY premeditated to thwart the law. http://t.co/Uo7zS8XLmb

A spokesman for Clinton did not respond to requests seeking comment from the AP on Tuesday. Clinton ignored the issue during a speech Tuesday night at the 30th anniversary gala of EMILY’s List, which works to elect Democratic women who support abortion rights.

It was unclear whom Clinton hired to set up or maintain her private email server, which the AP traced to a mysterious identity, Eric Hoteham. That name does not appear in public records databases, campaign contribution records or Internet background searches. Hoteham was listed as the customer at Clinton’s $1.7 million home on Old House Lane in Chappaqua in records registering the Internet address for her email server since August 2010. Read the rest of this entry »

Rate this:

NEW YORK — Following a vast hacking attack that targeted Sony Pictures, several of the Hollywood studio’s films, including Brad Pitt’s “Fury” and the remake of the musical “Annie,” have become available on illicit web sites.

Screener copies of at least five unreleased Sony films have made their way online, and the FBI is involved in the investigation into the apparent leak.

“The theft of Sony Pictures Entertainment content is a criminal matter, and we are working closely with law enforcement to address it,” a Sony Pictures spokesperson said in a statement.

Sony is “exploring the possibility” of a North Korean link to the hacking, according to Re/code and other reports. That’s because Sony is about to release “The Interview,” a comedy starring James Franco and Seth Rogen. Its plot entails an attempted assassination of the North Korean leader Kim Jong-Un.